Support backup filtering

Support to filter backups by instance_id and all_projects(admin only by default). Story: #2006433 Task: #36343 Change-Id: Ia483bbafb8d106a9d46ab908cf5659f06fb3b7ed
2019-08-23 15:46:34 +12:00 · 2019-08-23 15:46:34 +12:00 · d43b4209e9
parent 214a6a0b1f
commit d43b4209e9
3 changed files with 34 additions and 12 deletions
--- a/trove/backup/models.py
+++ b/trove/backup/models.py
@ -182,22 +182,22 @@ class Backup(object):
        return query.all(), marker

    @classmethod
-    def list(cls, context, datastore=None):
-        """
-        list all live Backups belong to given tenant
-        :param cls:
-        :param context: tenant_id included
-        :param datastore: datastore to filter by
-        :return:
-        """
+    def list(cls, context, datastore=None, instance_id=None,
+             all_projects=False):
        query = DBBackup.query()
-        filters = [DBBackup.tenant_id == context.tenant,
-                   DBBackup.deleted == 0]
+        filters = [DBBackup.deleted == 0]
+
+        if not all_projects:
+            filters.append(DBBackup.tenant_id == context.tenant)
+        if instance_id:
+            filters.append(DBBackup.instance_id == instance_id)
+
        if datastore:
            ds = datastore_models.Datastore.load(datastore)
            filters.append(datastore_models.DBDatastoreVersion.
                           datastore_id == ds.id)
            query = query.join(datastore_models.DBDatastoreVersion)
+
        query = query.filter(*filters)
        return cls._paginate(context, query)

--- a/trove/backup/service.py
+++ b/trove/backup/service.py
@ -39,9 +39,21 @@ class BackupController(wsgi.Controller):
        """
        LOG.debug("Listing backups for tenant %s", tenant_id)
        datastore = req.GET.get('datastore')
+        instance_id = req.GET.get('instance_id')
+        all_projects = req.GET.get('all_projects', False)
        context = req.environ[wsgi.CONTEXT_KEY]
-        policy.authorize_on_tenant(context, 'backup:index')
-        backups, marker = Backup.list(context, datastore)
+
+        if all_projects:
+            policy.authorize_on_tenant(context, 'backup:index:all_projects')
+        else:
+            policy.authorize_on_tenant(context, 'backup:index')
+
+        backups, marker = Backup.list(
+            context,
+            datastore=datastore,
+            instance_id=instance_id,
+            all_projects=all_projects
+        )
        view = views.BackupViews(backups)
        paged = pagination.SimplePaginatedDataView(req.url, 'backups', view,
                                                   marker)
--- a/trove/common/policies/backups.py
+++ b/trove/common/policies/backups.py
@ -45,6 +45,16 @@ rules = [
                'method': 'GET'
            }
        ]),
+    policy.DocumentedRuleDefault(
+        name='backup:index:all_projects',
+        check_str='role:admin',
+        description='List backups for all the projects.',
+        operations=[
+            {
+                'path': PATH_BACKUPS,
+                'method': 'GET'
+            }
+        ]),
    policy.DocumentedRuleDefault(
        name='backup:show',
        check_str='rule:admin_or_owner',